More than half of Chief Executive Officers will have a senior digital leader role in their staff by the end of 2015, according to the 2014 CEO and Senior Executive Survey by Gartner Inc.
By 2017, one-third of large enterprises engaging in digital business models and activities will also have a digital risk officer role (DRO) or equivalent.
By 2020, 60 per cent of digital businesses will suffer major service failures due to the inability of the IT security team to manage digital risk in new technology and use cases.
IT, operational technology (OT), the Internet of Things (IoT) and physical security technologies will have interdependencies that require a risk-based approach to governance and management.
Digital risk management
Digital risk management is the next evolution in enterprise risk and security for digital businesses by expanding the scope of technologies protected.
"Digital risk officers will require a mix of business acumen and understanding with sufficient technical knowledge to assess and make recommendations for appropriately addressing digital business risk," said Paul Proctor, Vice-President and distinguished analyst at Gartner.
"Many traditional security officers will change their titles to digital risk and security officers, but without material change in their scope, mandate, and skills they will not fulfill this role in its entirety,” Proctor added.
Mandate, scope of DRO
The mandate and scope of a digital risk officer is very different than a chief information security officer (CISO) and in many organisations, the CISO role will continue with similar scope as in 2014.
He will report to a senior executive role outside of IT such as the chief risk officer, chief digital officer or the chief operating officer. They will manage risk at an executive level across digital business units working directly with peers in legal, privacy, compliance, digital marketing, digital sales and digital operations.
IT security role
The IT security role remains relevant and vital. However, many CISOs will evolve into DROs as they begin to own or form effective partnerships with digital security teams managing other forms of technology.
IT security leaders may continue with their assigned responsibilities that report to the DRO. As physical security management becomes increasingly digital, this will include the physical security teams as well.